Hi everyone! I'm opening this thread to discuss a feature I have in mind; if there is interest, I could try to implement it in the next weeks (this is separate from my GSoC project, while there are points where the things are connected). At the moment (correct me if I'm wrong), what authenticates a player to a server is the Client Identity, a key different for each server (identified by a public key) composed of two parts, clientPublic and clientPrivate. In my understanding this system provides a very good security level, however could be uncomfortable for a player that wants to: play with the same account on a server from multiple computers (or maybe multiple OSs in dual boot); this is not something everyone does, but I don't think it's that uncommon either. connect to a server using something that isn't the primary game client, like the web interface I'd like to make as GSoC project. As you can see in the proposal draft as a simple workaround I'd implement a console command that can be used in-game to set an username/password pair to tell the server that you'll later want to authenticate with said credentials from the web interface; still, I'm not sure how much this is user-friendly (you'd have to run the command on each new server you join and want to access via web). What I'm suggesting is to set up a way to allow the users to synchronize their identity certificates across their computers using a cloud-based service. Think of the following scenario: A player enters his cloud storage service access credentials (email/password) in client configuration (via GUI) The player joins a server he/she never joined before During the connection handshake the keys are generated and stored in the client configuration The client acknowledges this and uploads the new keys to the cloud (if the user is OK with this, obviously) When the user later launches the client on another computer, he's asked if he wants to synchronize the keys; if the answer is yes, he enters the cloud storage credentials and the client downloads the keys, and when he joins the same server he joined on the other machine, he will be recognized as the same player If he wants to access the web interface I will implement if my GSoC proposal gets accepted, this could have an option to get the keys from the cloud after the user logged in with the cloud credentials. Getting to the technical point, I can think of two ways to realize this: Custom cloud service: we set up a small web service where users can register and then enter the credentials in the game client to perform the synchronization. The keys could also be encrypted client-side with some symmetrical algorithm with the password chosen by the user and entered in the game client. The problem is providing hosting resources - I'd be OK to host this at my expenses for the initial phase (I have a DigitalOcean 50$ coupon from Github Student Pack yet to use), but I'm not sure how well it would scale. Using the APIs of services like DropBox, Google Drive, etc and put a JSON file with the keys - or the whole configuration - there. Problem, however, is that they use OAuth which doesn't play well with open source projects, so I'm not sure if this is feasible. What do you think? Any idea/critique is welcome!